From Host Card Emulation (HCE) and tokenization, to empowering organizations to become their own Token Service Provider (TSP), Rambus Bell ID software provides a comprehensive, mobile payment solution to banks and retailers worldwide that loads and manages payment credentials on Near Field Communication (NFC)-based smartphones and connected devices. Learn more about Security

Featuring comprehensive solutions for both physical and virtual smart cards, the Rambus Smart Ticketing suite of products, including technology from Ecebs, offer secure and easy-to-implement solutions for any transport scenario, including rail, bus, and ferry. Learn more about Security

Made for high speed, reliability and power efficiency, our DDR3 and DDR4 chipsets, recently acquired from Inphi, for RDIMM and LRDIMM server modules deliver top-of-the-line performance and capacity for the next wave of enterprise and data center servers. Learn more about Memory + Interfaces

With their reduced power consumption and industry-leading data rates, our line-up of memory interface IP solutions support a broad range of industry standards with improved margin and flexibility. Learn more about Memory + Interfaces

Inspired by the innovative thinking at the heart of Rambus Labs, the Emerging Solutions division at Rambus works to translate extraordinary theory into everyday practice. Learn more about Emerging Solutions

CryptoManager Security Engine

CryptoManager Security Engine

Dedicated to providing ubiquitous trust across the ecosystem, the CryptoManager platform includes a Security Engine, which is a flexible root-of-trust implemented as hardware or software, for the secure provisioning, configuration, keying and authentication throughout the lifecycle of a device.

Contact Us

How it works

Our CryptoManager Security Engine is an in-device root-of-trust offered as an embedded hardware core, or as a software agent that can be implemented as a protected element in a trusted OS or directly in the high-level device OS for the secure provisioning of keys and features throughout the device lifecycle. This provides flexible implementation options and allows the CryptoManager Infrastructure to securely communicate with the device to provision keys and manage feature configurations in the supply chain and downstream ecosystems.

The Security Engine hardware core is suitable for integration in application processors, modems, and other chipsets and features flexible design options that enable functionality, area, and power to be optimized for the required security level. This ensures maximum trust with minimal design impact. The core stores and protects sensitive key and configuration information in One Time Programmable (OTP) memory in the SoC. For feature management, the core manages rights delegation and feature activation based on permission settings. It verifies the digital signatures and security policies, ensuring that only authorized transactions are accepted. Depending on the SoC designer’s requirements, this capability may be used to configure chip features during different stages of manufacturing and enable secure applications in the field.

The Security Engine software agent is designed to offers similar functionality, but is implemented in software that can run in either Trusted Execution Environment (TEE) or High Level OS environments. All implementations of the Security Engine are supported by a trusted provisioning services stack that includes software libraries and drivers for easy integration and enablement of secure applications and services.